Added captcha for sign up form
• Added: - captcha for sign up form - empty ENV variables for: GAB_CAPTCHA_SECRET_KEY, GAB_CAPTCHA_CLIENT_KEY to be configured within captcha.gab.com - Script insertion within registrations/new.html.haml containing instantiation for captcha.gab.com with our client key and challenge buster - Div within registration form for #gab-captcha for the challenge to get inserted within - Checks in RegistrationsController for captcha verification using server token (automatically generated in form), secret [server] key before checking if username/password/email is valid
This commit is contained in:
parent
21096c523d
commit
a3ef16bc8c
|
@ -224,3 +224,7 @@ SMTP_FROM_ADDRESS=notifications@${APP_NAME}.nanoapp.io
|
||||||
# SAML_UID_ATTRIBUTE="urn:oid:0.9.2342.19200300.100.1.1"
|
# SAML_UID_ATTRIBUTE="urn:oid:0.9.2342.19200300.100.1.1"
|
||||||
# SAML_ATTRIBUTES_STATEMENTS_VERIFIED=
|
# SAML_ATTRIBUTES_STATEMENTS_VERIFIED=
|
||||||
# SAML_ATTRIBUTES_STATEMENTS_VERIFIED_EMAIL=
|
# SAML_ATTRIBUTES_STATEMENTS_VERIFIED_EMAIL=
|
||||||
|
|
||||||
|
# Gab Captcha
|
||||||
|
GAB_CAPTCHA_SECRET_KEY=
|
||||||
|
GAB_CAPTCHA_CLIENT_KEY=
|
|
@ -231,3 +231,7 @@ STREAMING_CLUSTER_NUM=1
|
||||||
# http_proxy=http://gateway.local:8118
|
# http_proxy=http://gateway.local:8118
|
||||||
# Access control for hidden service.
|
# Access control for hidden service.
|
||||||
# ALLOW_ACCESS_TO_HIDDEN_SERVICE=true
|
# ALLOW_ACCESS_TO_HIDDEN_SERVICE=true
|
||||||
|
|
||||||
|
# Gab Captcha
|
||||||
|
GAB_CAPTCHA_SECRET_KEY=
|
||||||
|
GAB_CAPTCHA_CLIENT_KEY=
|
|
@ -3,26 +3,22 @@
|
||||||
class Auth::RegistrationsController < Devise::RegistrationsController
|
class Auth::RegistrationsController < Devise::RegistrationsController
|
||||||
layout :determine_layout
|
layout :determine_layout
|
||||||
|
|
||||||
before_action :set_challenge, only: [:new]
|
|
||||||
before_action :check_enabled_registrations, only: [:new, :create]
|
before_action :check_enabled_registrations, only: [:new, :create]
|
||||||
before_action :configure_sign_up_params, only: [:create]
|
before_action :configure_sign_up_params, only: [:create]
|
||||||
before_action :set_sessions, only: [:edit, :update]
|
before_action :set_sessions, only: [:edit, :update]
|
||||||
before_action :set_instance_presenter, only: [:new, :create, :update]
|
before_action :set_instance_presenter, only: [:new, :create, :update]
|
||||||
before_action :set_body_classes, only: [:new, :create, :edit, :update]
|
before_action :set_body_classes, only: [:new, :create, :edit, :update]
|
||||||
before_action :set_cache_headers, only: [:edit, :update]
|
before_action :set_cache_headers, only: [:edit, :update]
|
||||||
|
prepend_before_action :check_captcha, only: [:create]
|
||||||
|
|
||||||
def new
|
def new
|
||||||
|
set_challenge_buster
|
||||||
super
|
super
|
||||||
end
|
end
|
||||||
|
|
||||||
def create
|
def create
|
||||||
if session[:challenge_answer].to_s == params[:user][:challenge].to_s.strip
|
set_challenge_buster
|
||||||
# Reset after, may be errors to return and this ensures its still visible
|
|
||||||
set_challenge
|
|
||||||
super
|
super
|
||||||
else
|
|
||||||
return false
|
|
||||||
end
|
|
||||||
end
|
end
|
||||||
|
|
||||||
def destroy
|
def destroy
|
||||||
|
@ -66,6 +62,18 @@ class Auth::RegistrationsController < Devise::RegistrationsController
|
||||||
|
|
||||||
private
|
private
|
||||||
|
|
||||||
|
def check_captcha
|
||||||
|
unless passed_challenge?(params["gab-captcha-st"], params[:user])
|
||||||
|
self.resource = resource_class.new configure_sign_up_params
|
||||||
|
resource.validate # Look for any other validation errors besides reCAPTCHA
|
||||||
|
flash[:captcha_error] = "Incorrect text. Please try again."
|
||||||
|
set_challenge_buster
|
||||||
|
respond_with_navigational(resource) {
|
||||||
|
redirect_to new_user_registration_path
|
||||||
|
}
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
def set_instance_presenter
|
def set_instance_presenter
|
||||||
@instance_presenter = InstancePresenter.new
|
@instance_presenter = InstancePresenter.new
|
||||||
end
|
end
|
||||||
|
@ -74,10 +82,37 @@ class Auth::RegistrationsController < Devise::RegistrationsController
|
||||||
@body_classes = %w(edit update).include?(action_name) ? 'admin' : ''
|
@body_classes = %w(edit update).include?(action_name) ? 'admin' : ''
|
||||||
end
|
end
|
||||||
|
|
||||||
def set_challenge
|
def set_challenge_buster
|
||||||
@challenge_add_1 = rand(0...9)
|
@challenge_buster = SecureRandom.hex
|
||||||
@challenge_add_2 = rand(0...9)
|
end
|
||||||
session[:challenge_answer] = @challenge_add_1 + @challenge_add_2
|
|
||||||
|
def passed_challenge?(serverToken, userParams)
|
||||||
|
# Log if captcha keys not present in ENV
|
||||||
|
if ENV.fetch('GAB_CAPTCHA_CLIENT_KEY', '').empty? || ENV.fetch('GAB_CAPTCHA_CLIENT_KEY', '').nil?
|
||||||
|
Rails.logger.debug "RegistrationsController: GAB_CAPTCHA_CLIENT_KEY is undefined"
|
||||||
|
end
|
||||||
|
|
||||||
|
# Log and return false is captcha key is not present. This will disallow anyone from signing up
|
||||||
|
if ENV.fetch('GAB_CAPTCHA_SECRET_KEY', '').empty? || ENV.fetch('GAB_CAPTCHA_SECRET_KEY', '').nil?
|
||||||
|
Rails.logger.debug "RegistrationsController: GAB_CAPTCHA_SECRET_KEY is undefined"
|
||||||
|
return false
|
||||||
|
end
|
||||||
|
|
||||||
|
typedChallenge = userParams[:challenge]
|
||||||
|
username = userParams[:account_attributes][:username]
|
||||||
|
|
||||||
|
return false if serverToken.nil? || serverToken.empty? || typedChallenge.nil? || typedChallenge.empty?
|
||||||
|
|
||||||
|
Request.new(:post, "https://captcha.gab.com/captcha/#{serverToken}/verify", form: {
|
||||||
|
"serverKey" => ENV.fetch('GAB_CAPTCHA_SECRET_KEY', ''),
|
||||||
|
"value" => typedChallenge,
|
||||||
|
"username" => username,
|
||||||
|
"ip" => request.env['REMOTE_ADDR']
|
||||||
|
}).perform do |res|
|
||||||
|
body = JSON.parse(res.body_with_limit)
|
||||||
|
result = !!body["success"]
|
||||||
|
return result
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
def determine_layout
|
def determine_layout
|
||||||
|
|
|
@ -5,7 +5,10 @@
|
||||||
= render partial: 'shared/og'
|
= render partial: 'shared/og'
|
||||||
|
|
||||||
= simple_form_for(resource, as: resource_name, url: registration_path(resource_name)) do |f|
|
= simple_form_for(resource, as: resource_name, url: registration_path(resource_name)) do |f|
|
||||||
%h2.form-title Sign up for Gab
|
%div{style: "display:flex;flex-direction:row;height:36px;width:100%;align-items:center;margin-bottom:15px;"}
|
||||||
|
%h2.form-title{style: "padding:0;margin:0;"} Sign up for Gab
|
||||||
|
%div{style: "display:flex;width:90px;height:36px;margin-left:auto;margin-top:-10px;"}
|
||||||
|
= f.button :button, t('auth.register'), type: :submit, style: "height:36px;font-size:14px;"
|
||||||
|
|
||||||
= render 'shared/error_messages', object: resource
|
= render 'shared/error_messages', object: resource
|
||||||
|
|
||||||
|
@ -22,8 +25,11 @@
|
||||||
.fields-group
|
.fields-group
|
||||||
= f.input :password_confirmation, wrapper: :with_label, label: t('simple_form.labels.defaults.confirm_password'), required: true, input_html: { 'aria-label' => t('simple_form.labels.defaults.confirm_password'), :autocomplete => 'off' }
|
= f.input :password_confirmation, wrapper: :with_label, label: t('simple_form.labels.defaults.confirm_password'), required: true, input_html: { 'aria-label' => t('simple_form.labels.defaults.confirm_password'), :autocomplete => 'off' }
|
||||||
|
|
||||||
.fields-group
|
.fields-group{style: "flex-direction:column;"}
|
||||||
= f.input :challenge, wrapper: :with_label, label: "Are you a human? What is #{@challenge_add_1} + #{@challenge_add_2} = ", required: true, input_html: { 'aria-label' => "Are you a human? What is #{@challenge_add_1} + #{@challenge_add_2}", :autocomplete => 'off' }
|
= f.input :challenge, wrapper: :with_label, label: "Are you a human? Enter the text below.", required: true, input_html: { 'aria-label' => "Are you a human? Enter the text below.", :autocomplete => 'off' }
|
||||||
|
%span{style: "margin-top:5px;font-size:12px;color:red;"}= flash[:captcha_error]
|
||||||
|
%div#gab-captcha{style: "display:block;position:relative;width:240px;height:100px;margin-top:10px;border-radius:6px;overflow:hidden;border:1px solid #ccc;"}
|
||||||
|
%span{style:"display:block;position:absolute;line-height:100px;width:240px;height:100px;top:0;left:0;right:0;bottom:0;text-align:center;color:#ccc;"} • • •
|
||||||
|
|
||||||
.fields-group-agreement
|
.fields-group-agreement
|
||||||
= f.input :agreement, as: :boolean, wrapper: :with_label, label: t('auth.checkbox_agreement_html', about_tos_path: about_tos_path)
|
= f.input :agreement, as: :boolean, wrapper: :with_label, label: t('auth.checkbox_agreement_html', about_tos_path: about_tos_path)
|
||||||
|
@ -32,3 +38,6 @@
|
||||||
= f.button :button, t('auth.register'), type: :submit
|
= f.button :button, t('auth.register'), type: :submit
|
||||||
|
|
||||||
.form-footer= render 'auth/shared/links'
|
.form-footer= render 'auth/shared/links'
|
||||||
|
|
||||||
|
|
||||||
|
%script{src: "https://captcha.gab.com/captcha/#{ENV.fetch('GAB_CAPTCHA_CLIENT_KEY', '')}/challenge.js?b=#{@challenge_buster}", type: "application/javascript" }
|
||||||
|
|
Loading…
Reference in New Issue